authorization: unlang/NAS-IP-Address
leopold
vova_b at yahoo.com
Wed Jul 23 20:40:29 CEST 2008
It seems that rlm_sql_process_groups in rlm_sql.c does not handle this
situation
1. If paircompare fails in rlm_sql_process_groups it should not return
found=1
2. rlm_sql_authorize should handle return code of rlm_sql_process_groups so
that if it is not found it should actually return not found and not "OK"
diff ./src/modules/rlm_sql/rlm_sql.c.ORIG ./src/modules/rlm_sql/rlm_sql.c
676a677,682
> else
> {
> found = 0;
> DEBUG2("rlm_sql (%s): User not found in
> group %s",
> inst->config->xlat_name,
> group_list_tmp->groupname);
> }
1004a1011,1015
> else
> {
> /* rows == 0 here */
> found = 0;
> }
1048a1060,1064
> else
> {
> /* rows == 0 here */
> found = 0;
>
Comments?
--
View this message in context: http://www.nabble.com/authorization%3A-unlang-NAS-IP-Address-tp18609937p18617625.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list